We recently came across a stealer, called Raccoon Stealer, a name given to it by its author. Raccoon Stealer uses the Telegram infrastructure to store and update actual C&C addresses.  Raccoon Stealer is a password stealer capable of stealing not just passwords, but various types of data, including: Cookies, saved logins and forms data from […]

Threat actors are using stolen NVIDIA code signing certificates to sign malware to appear trustworthy and allow malicious drivers to be loaded in Windows. This week, NVIDIA confirmed that they suffered a cyberattack that allowed threat actors to steal employee credentials and proprietary data.

A spear-phishing campaign likely coordinated by a state-backed threat actor has been targeting European government personnel providing logistics support to Ukrainian refugees.

La société confirme des informations indiquant que ses développeurs ont été confrontés à deux jours de pannes.

Meanwhile, the hackers behind the breach are now releasing some of the stolen files on the web.

Actions to Take Today: • Set antivirus and antimalware programs to conduct regular scans. • Enable strong spam filters to prevent phishing emails from reaching end users. • Filter network traffic. • Update software. • Require multifactor authentication. Leading up to Russia’s unprovoked attack against Ukraine, threat actors deployed destructive malware against organizations in Ukraine to destroy computer systems and render them inoperable. 

È stato rilevato delle agenzie di sicurezza informatica di Stati Uniti e Regno Unito: anche se non è ancora chiaro a che scopo sia stato utilizzato, i recenti attacchi in Ucraina spingono gli esperti a rimanere vigili

A new malware is attacking Ukrainian organizations and erasing Windows devices. In this early analysis, we provide technical details, IOCS and hunting rules.

Two cybersecurity firms with a strong business presence in Ukraine—ESET and Broadcom’s Symantec—have reported tonight that computer networks in the country have been hit with a new data-wiping attack. The attack is taking place as Russian military troops have crossed the border and invaded Ukraine’s territory in what Russian President Putin has described as a “peacekeeping” mission.

The year's 1st Chrome zero-day can lead to all sorts of misery, ranging from data corruption to the execution of arbitrary code on vulnerable systems.

As early as Dec. 21, 2021, Unit 42 observed a new infection method for the highly prevalent malware family Emotet. Emotet is high-volume malware that often changes and modifies its attack patterns. This latest modification of the Emotet attack follows suit.